GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,239
Erlang
31
GitHub Actions
21
Go
2,007
Maven
5,000+
npm
3,716
NuGet
662
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+
17 advisories
Filter by severity
Lack of validation in data format attributes in TensorFlow
Low
CVE-2020-26267
was published
for
tensorflow
(pip)
Dec 10, 2020
Heap out of bounds read in `RaggedCross`
Low
CVE-2021-29532
was published
for
tensorflow
(pip)
May 21, 2021
Heap out of bounds in `QuantizedBatchNormWithGlobalNormalization`
Low
CVE-2021-29547
was published
for
tensorflow
(pip)
May 21, 2021
OOB read in `MatrixTriangularSolve`
Low
CVE-2021-29551
was published
for
tensorflow
(pip)
May 21, 2021
Heap OOB in `QuantizeAndDequantizeV3`
Low
CVE-2021-29553
was published
for
tensorflow
(pip)
May 21, 2021
Heap buffer overflow in `RaggedTensorToTensor`
Low
CVE-2021-29560
was published
for
tensorflow
(pip)
May 21, 2021
Heap out of bounds read in `RequantizationRange`
Low
CVE-2021-29569
was published
for
tensorflow
(pip)
May 21, 2021
Heap out of bounds read in `MaxPoolGradWithArgmax`
Low
CVE-2021-29570
was published
for
tensorflow
(pip)
May 21, 2021
Heap OOB read in `tf.raw_ops.Dequantize`
Low
CVE-2021-29582
was published
for
tensorflow
(pip)
May 21, 2021
Heap buffer overflow and undefined behavior in `FusedBatchNorm`
Low
CVE-2021-29583
was published
for
tensorflow
(pip)
May 21, 2021
Heap OOB read in TFLite's implementation of `Minimum` or `Maximum`
Low
CVE-2021-29590
was published
for
tensorflow
(pip)
May 21, 2021
linux-loader reading beyond EOF could lead to infinite loop
Low
CVE-2022-23523
was published
for
linux-loader
(Rust)
Dec 12, 2022
Default functions in VolatileMemory trait lack bounds checks, potentially leading to out-of-bounds memory accesses
Low
CVE-2023-41051
was published
for
vm-memory
(Rust)
Sep 4, 2023
Vyper's `extract32` can ready dirty memory
Low
CVE-2024-24564
was published
for
vyper
(pip)
Feb 26, 2024
OpenZeppelin Contracts base64 encoding may read from potentially dirty memory
Low
CVE-2024-27094
was published
for
@openzeppelin/contracts
(npm)
Feb 29, 2024
ProTip!
Advisories are also available from the
GraphQL API